Grouper Users - Open Discussion List

[Darren Boss <>]

Just a note about how confused I was in setting up ldap as a subject source in Grouper 2.4 when following instructions in the base configuration files.

In grouper-loader.properties

#################################

## LDAP connections

#################################

# specify the ldap connection with user, pass, url

# the string after "ldap." is the ID of the connection, and it should not have

# spaces or other special chars in it.  In this case is it "personLdap"

#note the URL should start with ldap: or ldaps: if it is SSL.  

#It should contain the server and port (optional if not default), and baseDn, 

#e.g. ldaps://ldapserver.school.edu:636/dc=school,dc=edu

and in subject.base.properties

# base dn to search in

#subjectApi.source.example.search.searchSubject.param.base.value = ou=people,dc=example,dc=edu

I'm doing overlay config so copying into the non .base. property files. Am I wrong in thinking this misleads people into misconfiguration of their LDAP subject source? Should I be setting up my ldap configuration in another way?

Removing the base dn from the ldap url but keeping it in the subject.properties fixed my issue but it took me almost a full day to figure this out and the while the logs were telling me the subject is wasn't being found ([LDAP: error code 32 - No Such Object]) I felt like I was following the correct setup instructions.